From 737dd8976f66520dbdccde6aa9c09561e52d09ad Mon Sep 17 00:00:00 2001 From: eabdullin Date: Mon, 30 Sep 2024 15:09:36 +0000 Subject: [PATCH] import CS avahi-0.8-21.el9 --- .../0001-avahi-client-fix-resource-leak.patch | 25 +++++++++++++++ ...ange-deallocations-in-avahi_time_eve.patch | 31 +++++++++++++++++++ SPECS/avahi.spec | 11 +++++-- 3 files changed, 65 insertions(+), 2 deletions(-) create mode 100644 SOURCES/0001-avahi-client-fix-resource-leak.patch create mode 100644 SOURCES/0001-avahi-core-rearrange-deallocations-in-avahi_time_eve.patch diff --git a/SOURCES/0001-avahi-client-fix-resource-leak.patch b/SOURCES/0001-avahi-client-fix-resource-leak.patch new file mode 100644 index 0000000..9de3e9c --- /dev/null +++ b/SOURCES/0001-avahi-client-fix-resource-leak.patch @@ -0,0 +1,25 @@ +From 93c8af2a7d740cb62e8a3d5c045c7f7f68010635 Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Wed, 24 Oct 2018 15:22:19 +0000 +Subject: [PATCH] avahi-client: fix resource leak + +--- + avahi-client/browser.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/avahi-client/browser.c b/avahi-client/browser.c +index c978d94..fa4a9a8 100644 +--- a/avahi-client/browser.c ++++ b/avahi-client/browser.c +@@ -72,6 +72,8 @@ static void parse_domain_file(AvahiDomainBrowser *b) { + if (avahi_normalize_name(buf, domain, sizeof(domain))) + b->static_browse_domains = avahi_string_list_add(b->static_browse_domains, domain); + } ++ ++ fclose(f); + } + + static void domain_browser_ref(AvahiDomainBrowser *db) { +-- +2.45.2 + diff --git a/SOURCES/0001-avahi-core-rearrange-deallocations-in-avahi_time_eve.patch b/SOURCES/0001-avahi-core-rearrange-deallocations-in-avahi_time_eve.patch new file mode 100644 index 0000000..9dfaed3 --- /dev/null +++ b/SOURCES/0001-avahi-core-rearrange-deallocations-in-avahi_time_eve.patch @@ -0,0 +1,31 @@ +From accbffad337266c1f014251fe277d442564a04eb Mon Sep 17 00:00:00 2001 +From: Evgeny Vereshchagin +Date: Mon, 5 Dec 2022 20:17:42 +0000 +Subject: [PATCH] avahi-core: rearrange deallocations in + avahi_time_event_queue_new a bit + +Reported by Coverity Scan. +--- + avahi-core/timeeventq.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/avahi-core/timeeventq.c b/avahi-core/timeeventq.c +index 2799bf2..beceaff 100644 +--- a/avahi-core/timeeventq.c ++++ b/avahi-core/timeeventq.c +@@ -135,10 +135,10 @@ AvahiTimeEventQueue* avahi_time_event_queue_new(const AvahiPoll *poll_api) { + oom: + + if (q) { +- avahi_free(q); +- + if (q->prioq) + avahi_prio_queue_free(q->prioq); ++ ++ avahi_free(q); + } + + return NULL; +-- +2.45.2 + diff --git a/SPECS/avahi.spec b/SPECS/avahi.spec index 2cd9214..d4b94f2 100644 --- a/SPECS/avahi.spec +++ b/SPECS/avahi.spec @@ -48,7 +48,7 @@ Name: avahi Version: 0.8 -Release: 20%{?dist} +Release: 21%{?dist} Summary: Local network service discovery License: LGPLv2+ URL: http://avahi.org @@ -142,6 +142,8 @@ Patch18: 0001-core-copy-resource-records-with-zero-length-rdata-pr.patch Patch19: 0001-core-extract-host-name-using-avahi_unescape_label.patch Patch20: 0001-core-return-errors-from-avahi_server_set_host_name-p.patch Patch21: 0001-core-reject-overly-long-TXT-resource-records.patch +Patch22: 0001-avahi-client-fix-resource-leak.patch +Patch23: 0001-avahi-core-rearrange-deallocations-in-avahi_time_eve.patch ## downstream patches Patch100: avahi-0.6.30-mono-libdir.patch @@ -629,7 +631,7 @@ exit 0 %ghost %{_sysconfdir}/avahi/etc/localtime %config(noreplace) %{_sysconfdir}/avahi/hosts %dir %{_sysconfdir}/avahi/services -%ghost %dir %{_localstatedir}/run/avahi-daemon +%ghost %attr(0755, avahi, avahi) %dir %{_localstatedir}/run/avahi-daemon %config(noreplace) %{_sysconfdir}/avahi/avahi-daemon.conf %config(noreplace) %{_sysconfdir}/dbus-1/system.d/avahi-dbus.conf %{_sbindir}/avahi-daemon @@ -837,6 +839,11 @@ exit 0 %changelog +* Mon Aug 26 2024 Michal Sekletar - 0.8-21 +- fix file attributes on /run/avahi-daemon (RHEL-5633) +- avahi-client: fix resource leak (RHEL-27722) +- fix resource leak in avahi_time_event_queue_new (RHEL-27717) + * Wed Nov 08 2023 Michal Sekletar - 0.8-20 - Fix CVE-2023-38469 (RHEL-5637)